prosody/rootfs/defaults/saslauthd.conf: Append extended LDAP variable…
…s from saslauthd

Signed-off-by: le-firehawk <[email protected]>
le-firehawk committed Jun 6, 2024
1 parent 36ebd3d commit 1e9264e
Showing 1 changed file with 27 additions and 7 deletions.
34 changes: 27 additions & 7 deletions prosody/rootfs/defaults/saslauthd.conf
@@ -4,27 +4,47 @@

{{ if eq $PROSODY_AUTH_TYPE "ldap" }}
ldap_servers: {{ .Env.LDAP_URL }}

ldap_search_base: {{ .Env.LDAP_BASE }}
{{ if .Env.LDAP_BINDDN | default "" }}
ldap_bind_dn: {{ .Env.LDAP_BINDDN }}
ldap_bind_pw: {{ .Env.LDAP_BINDPW }}
{{ end }}
ldap_filter: {{ .Env.LDAP_FILTER | default "uid=%u" }}

ldap_version: {{ .Env.LDAP_VERSION | default "3" }}
ldap_auth_method: {{ .Env.LDAP_AUTH_METHOD | default "bind" }}

{{ if .Env.LDAP_BINDDN | default "" }}
ldap_bind_dn: {{ .Env.LDAP_BINDDN }}
ldap_bind_pw: {{ .Env.LDAP_BINDPW | default "MISSING PASSWORD" }}
{{ end }}

ldap_filter: {{ .Env.LDAP_FILTER | default "uid=%u" }}

ldap_group_attr: {{ .Env.LDAP_GROUP_ATTR | default "uniqueMember" }}
{{ if .Env.LDAP_GROUP_DN | default "" }}
ldap_group_dn: {{ .Env.LDAP_GROUP_DN }}
ldap_group_match_method: {{ .Env.LDAP_GROUP_MATCH_METHOD | default "attr" }}
{{ end }}
{{ if .Env.LDAP_GROUP_SEARCH_BASE | default "" }}
ldap_group_search_base: {{ .Env.LDAP_GROUP_SEARCH_BASE | default .Env.LDAP_BASE }}
{{ end }}
{{ if .Env.LDAP_GROUP_FILTER | default "" }}
ldap_group_filter: {{ .Env.LDAP_GROUP_FILTER }}
{{ end }}

{{ if .Env.LDAP_USE_TLS | default "0" | toBool }}
ldap_tls_key: /config/certs/{{ $XMPP_DOMAIN }}.key
ldap_tls_cert: /config/certs/{{ $XMPP_DOMAIN }}.crt

{{ if .Env.LDAP_TLS_CHECK_PEER | default "0" | toBool }}
ldap_tls_check_peer: yes
ldap_tls_cacert_file: {{ .Env.LDAP_TLS_CACERT_FILE | default "/etc/ssl/certs/ca-certificates.crt" }}
ldap_tls_cacert_dir: {{ .Env.LDAP_TLS_CACERT_DIR | default "/etc/ssl/certs" }}
{{ end }}

{{ if .Env.LDAP_TLS_CIPHERS }}
ldap_tls_ciphers: {{ .Env.LDAP_TLS_CIPHERS }}
{{ end }}
{{ end }}
{{ end }}
{{ if .Env.LDAP_START_TLS | default "0" | toBool }}

{{ if .Env.LDAP_START_TLS | default "0" | toBool }}
ldap_start_tls: yes
{{ end }}
{{ end }}
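Review bot: `ldap_group_match_method` is only written inside the `{{ if .Env.LDAP_GROUP_DN | default "" }}` guard, so a deployment that sets `LDAP_GROUP_FILTER` and `LDAP_GROUP_MATCH_METHOD=filter` without `LDAP_GROUP_DN` renders a config with a group filter but no match method. saslauthd would then presumably fall back to its own default method and ignore the filter, leaving the intended group restriction unenforced so that any account matching `ldap_filter` can authenticate; this should be confirmed against the saslauthd LDAP documentation. Giving the option its own guard removes the coupling: `{{ if .Env.LDAP_GROUP_MATCH_METHOD | default "" }}`, `ldap_group_match_method: {{ .Env.LDAP_GROUP_MATCH_METHOD }}`, `{{ end }}`. Separately, `default "MISSING PASSWORD"` on `ldap_bind_pw` likely turns an unset `LDAP_BINDPW` into failed binds against the bind DN at runtime rather than a visible error at render time, so a comment explaining the placeholder (or failing the render when the variable is missing) would help whoever has to debug it. In the same group stanza, `default .Env.LDAP_BASE` on `ldap_group_search_base` can never apply, because the surrounding `if` already requires `LDAP_GROUP_SEARCH_BASE` to be set.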
